- or, for that matter, any https service in the 192.168.3.x LAN which runs on a different port
from the 192.168.11.x subnet, accessing services running on default ports (i.e. 80, 3389, 21) in the 192.168.3.x subnet works fine. doing the same for services running on custom ports (i.e. https over port 441) the connection to the webserver times out.
Hi Glen, thank you for using our forum, my name is Luis I am part of the Small business Support community. In this case I think you should check your firewall settings in your SmoothWall, I advise you create an ACL from the remote WAN to your LAN, or if you want to be more specific the servers IP address. If the issue continues you should check the servers firewall as well.
thank you for your reply. we've checked the smoothwall configuration, but couldn't discover anything which could cause this problem. we even tried replacing the sa520 with a draytek vigor router to set up an lan-to-lan vpn with the smoothwall. with the draytek in place we have no problems accessing the aforementioned servers, so it seems the issue is with the SA520.
what exactly do you mean by creating an ACL from the remote WAN to our LAN? i assumed you meant creating a firewall rule, allowing traffic from the remote device's public ip to our LAN. however, in that case i need to enter an ip address of a device in our LAN, or else i cannot save this rule. as a test i entered the ip address of my machine as the destination address, but am still unable to access the aforementioned servers.
here's how i set up the rule:
from zone: UNSECURE (WAN/optional WAN)
to zone: LAN
action: ALLOW always
schedule: (not set)
source hosts: Single address
from: public ip of one of the aforementioned servers
source NAT settings > external IP address: WAN interface address (cannot change this setting)
source NAT settings >WAN interface: dedicated WAN (cannot change this setting)
destination NAT settings > internal ip address: 192.168.11.123 (ip address of my machine)
Listen: https://smarturl.it/CCRS8E41 Follow us: https://twitter.com/CiscoChampion
Let’s face it: today’s work is hybrid. Making hybrid work requires more than collaboration tools and SaaS applications. It’s about connecting people, dispa...
Join David Bombal as he busts the myths around Cisco Designed while building out an SMB network right at his desk.
David, a CCIE, CCSI and an educator, has delivered training courses all around the globe across multiple Cisco topics. And he’s desig...
This Chat covers the intersection of technology and social impact from community to global levels. Learn how digital maturity accelerates SMB growth and profits that can fund social programs and enable sustainable business practices like remote work.
This Chat covers the intersection of technology and social impact from community to global levels. Learn how digital maturity accelerates SMB growth and profits that can fund social programs and enable sustainable business practices like remote work. We'l...